PLCs, or Programmable Logic Controllers, have been part of industrial environments since the birth of automation. Given their evolution over time, thanks to greater intelligence, they have become a target of interest for potential attackers.
Specialized blog with informative contents destined to a public with marked technical profile, in order to improve knowledge and create a culture about the security in Internet.
Post related to: Bastioning procedures
Organisations are exposed to the consequences of cyber threats, and may be ill-prepared to face and manage cyber incidents, whether provoked or unprovoked. For this reason, in 2014 INCIBE launched its Indicators for the Improvement of Cyber Resilience (IMC) model, with the aim of improving and understanding the state of cyber resilience in organisations.
This post explains the infrastructure of command and control (C&C), describing what an attack consists of, related terminology, actions undertaken by attackers, models, general function and preventative measures, detection and response to this threat.
Demilitarized zones, also known as DMZs (demilitarized zones), are used for the secure exchange of information between computers on a network that we want to protect and an external network that needs to access those computers. DMZs are widely used in the IT sector and also in the OT sector, but the equipment and services they host are not exactly the same.
This post presents some lines of action that should be followed to deal with a DrDoS cyberattack based on the ARD protocol, describing in detail the prevention, identification and response phases to follow.
The security of control systems can be threatened from different aspects, with the end device being the most important attack vector. With this in mind, the IEC, within the 62443 standard, wanted to emphasise devices by preparing a document exclusively concerning their security: IEC62443-4-2. This document contains different technical requirements to improve the security of the types of assets that can be found in a control system.
This post presents some lines of action that should be followed to deal with a DrDoS cyberattack based on the SNMP protocol, describing in detail the prevention, identification and response phases to follow.
The continuity of the production process in businesses that require industrial automation depends more and more on the proper functioning, safety and reliability of the system of that composes it. Therefore, conducting tests of acceptance of its operation prior to its commissioning, is vital to ensure that the systems acquired meet the requirements set out in the contract between the company and the manufacturer.
An adequate level of cybersecurity and cyberresilience is essential to keep assets safe from possible cyberattacks. This is why INCIBE-CERT has listed a set of measures and good practices that are valid for any need that affects cybersecurity.
Standard 62443 arose as a development the ISA 99 standard to fully cover security within control systems. Divided into several parts, each refers to different aspects related to security. The IEC 62443-3-3 standard refers to system security requirements and security levels.